Cyberange

Insights · Practice · Webinars · Engagement reads

Practice notes, engagement debriefs, and the webinar library.

Cyberange's publishing surface. Written by the consulting practice, the training faculty, and the engineering team. Plus the recorded webinar archive — sector deep-dives for BFSI and healthcare, practitioner sessions for first responders, and inclusion symposia.

Open the 2026 calendar Browse webinars Read the blog

Featured resource · India · 2026

The year's regulatory beats, patch storms, and sector windows — on one timeline.

A planning calendar for India's regulated enterprises. Nine sectors, twelve months, mapped against the deadlines, audit windows, and patch cycles that actually move the needle for a CISO.

Free · Read-only · No login

The 2026 threat-intel calendar — India

Built from public regulatory schedules, vendor patch cadences, sector incident history, and seasonal-event patterns. Filter by sector to see what your peers are tracking, and use the live "today" marker to see what's coming next.

  • Nine sectors — BFSI, healthcare, telecom, energy, gov & defence, transport, retail, manufacturing, IT services
  • Regulatory deadlines from RBI, SEBI, CERT-In, NCIIPC, DPB & sector regulators
  • Patch cycles — Microsoft, Cisco, Fortinet, Palo Alto, Oracle, SAP, Adobe
  • Sector windows — festival surges, financial-year close, election cycles, hajj/yatra peaks
  • Live "today" marker on the year-at-a-glance timeline
Open the 2026 calendar Updated 29 May 2026 · Next revision 30 Jun 2026

Virtual symposium

The Mythos era. The practice. The audience.

MythosThreat — Cyberange threat intelligence webinar

Virtual symposium

Event ended

Decoding the Mythos threat — sovereign risk in an AI-accelerated era

“Mythos is no longer a myth. It is a fundamental rupture in the nature of sovereign risk itself. The exploitation timeline has collapsed. The annual audit model is structurally inadequate.”

A virtual symposium for government & policy makers, BFSI / healthcare CISOs, red-teamers, and AI-defence entrepreneurs. Frames the Mythos era — AI-accelerated threats that have outpaced traditional governance, audit, and patching cycles — and the practice of continuous validation that responds to it.

Audiences

  • MeitY · CERT-In · finance ministries
  • BFSI & healthcare CISOs
  • Red teamers · AI-defence entrepreneurs

Library

Three tracks. Eight sessions. One library.

Sector deep-dives for the audiences that have to live with the findings. Practitioner sessions for the people doing the work. Inclusion symposia for the people who should be doing more of it.

Sector · track

3 sessions

BFSI deep-dive

Cybersecurity for Banking, Financial Services and Insurance

Ransomware tradecraft, DDoS as diversion, supply-chain attacks, Carbanak-style intrusions, and why ninety percent of financial-sector applications still ship in Java.

Audience · BFSI CISOs, CTOs, IT-security managers, risk + compliance, regulators

Aadhaar & PAN safety

Securing your future — biometric locking, Virtual IDs, masked Aadhaar

Citizen-level Aadhaar and PAN protection — biometric locking, Virtual ID generation, masked Aadhaar via M-Aadhaar. Featuring the Director (Technology), UIDAI.

Audience · Aadhaar holders, parents, government-service users, OCIs

ICAI Thrissur

Cybersecurity & awareness for Chartered Accountants

Sector vulnerability framed as national security — for the financial-systems-of-record audience. Case studies, including a recent 9-million-customer breach.

Audience · Chartered Accountants, corporate leaders, IT pros, government

Practitioner · track

3 sessions

Cybercrime first responders

Effective intervention for cybercrime first responders

The CCIO role under CopConnect — victim triage, evidence preservation, escalation. We are there to give them intervention, not investigation.

Audience · Aspiring CCIOs, police, legal professionals, counsellors

Policing perspective

A police perspective on cybercrime complaints

Law-enforcement viewpoint on cybercrime intake, victim handling, and the CCIO / CopConnect role. Featured speaker: Dr. Balsing Rajput, Maharashtra Police.

Audience · CCIOs, counsellors, advocates, parents, victims

Career & opportunity

Challenges and opportunities in cybersecurity

India's national opportunity to supply the world's cybersecurity capacity. Market sizing, career mapping, the UGC 75-hour requirement, NASSCOM FutureSkills Prime reimbursement details.

Audience · Students, career changers, government, judicial professionals

Inclusion · track

2 sessions

International Women's Day

Encouraging women to join cybersecurity

A call to bring women into cyber roles, framed around skill complementarity and location-agnostic flexibility. Includes the women-in-cyber 50 percent course concession.

Audience · Women students, career-transitioners, educators

NL Dalmia Institute

Professional ethics at workplace for students

Workplace ethics for students and early-career professionals via the Clean Exit platform. Anchored in the financial guarantee Cyberange ships with NSD certification.

Audience · Students, early-career professionals, college TPOs

Recorded sessions are mirrored on Cyberange's YouTube channel. Full webinar transcripts are available on request.

From the desk

Practice notes, engagement debriefs, and threat-landscape reads.

Adversary emulation · 27 May 2026

Inside a 90-day red team op against a tier-1 Indian airport operator

A redacted case study mapping a 13-week journey from an external foothold to full Active Directory compromise. Discover how the operator adapted tactics on the fly and what forensic artifacts survived a rigorous CERT-In post-incident review.

By Cyberange Adaptive Red Team

Practice · 26 May 2026

Welcome to Cyberange Insights

The publishing home for our practice notes, engagement debriefs, and threat-landscape reads — now open for contributions from student alumni, cohorts, and the wider community.

By Cyberange Editorial

Recent

DFIR · 26 May 2026

The CERT-In six-hour window: what your DFIR runbook needs to say

CERT-In Direction 70B (April 2022) requires reporting of certain cyber incidents within six hours of detection. A practical breakdown of what the clock actually measures, what your runbook needs to include, and where most organisations get the timeline wrong.

Cyberange DFIR Consulting

ICS / OT · 26 May 2026

Why we ship real PLCs, not software emulators

A short practice note on the difference between a simulator and a range, and why the difference compounds in operator training, regulator-grade demonstrations, and live red-team engagements.

Cyberange Phygital Labs

Threat intelligence · 17 Apr 2026

Browser-based initial access in 2026

The fastest-growing initial-access surface in the engagement data is the browser session, not the credential. Reverse-proxy phishing kits, OAuth consent abuse, extension supply-chain hijacks, and infostealer-fed cookie marketplaces — what changed, why MFA and password rotation no longer cover the dominant case, and which controls actually move the curve.

Cyberange Threat Intel

For potential contributors

Want to publish here?

Cyberange Insights is the publishing home for our practitioners, training faculty, and select external voices working on critical-infrastructure cybersecurity, ICS / OT, BAS, threat intelligence, and DFIR. Contributions are edited but not ghost-written; the author keeps the byline.

Internal authors push MDX directly to src/content/posts/ via a PR. External contributors can either submit a PR or send a draft and we publish it on their behalf.

A visual admin UI (Keystatic, deployed at /keystatic) is on the roadmap for non-technical authors. The storage layer doesn't change when that lands — same MDX files, same schema.

Pitch a post

Subscribe. Or come build the range with us.

A monthly digest of new practice notes, engagement reads, and webinar releases. No marketing email. Unsubscribe in one click.

Subscribe Talk to us